[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Samba Remote Zero-Day Exploit
> Turning off symlink support in samba closes the hole but then no
> access to symlinks created by the administrator is possible ...
Maybe what you want is for Samba to add and support an option like
"allow create symlink" (with default "no"). I myself do not think it
would be useful... would surely be a few lines of code only, so if you
want to submit a patch to the Samba team... or just patch your own
servers (as I do, see http://www.maths.usyd.edu.au/u/psz/samba/).
Paul Szabo psz@xxxxxxxxxxxxxxxxx http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia